
DOD Secure Cloud Computing Architecture 

A Scalable, Cost-Effective Approach to Securing Cloud-Based Programs Under a Common Security Architecture 


Overview 

DISA’s Secure Cloud Computing Architecture (SCCA) is a suite of 
enterprise-level cloud security and management services. It provides a 
standard approach for boundary and application level security for 
impact level four and five data hosted in commercial cloud 
environments. 

• Cloud Access Point 

• Virtual Data Center Security Stack 

• Virtual Data Center Managed Services 

• Trusted Cloud Credential Manager 
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SCCA Features 

Cloud Access Point: Provides access to the cloud, and protects DOD networks from the cloud. Streamlined 
protections focused on protecting the network boundary. 

Virtual Data Center Security Stack: Virtual network enclave security to protect applications and data in commercial 
cloud offerings. 

Virtual Data Center Managed Services: Application host security for privileged user access in commercial 
environments. 

Trusted Cloud Credential Manager: Cloud credential manager to enforce role-based access control (RBAC) and 
least privileged access. 
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SCCA Scope and Capabilities 


The SCCA is designed to cover all aspects of commercial provider implementation. It addresses the security 
concerns inherent in today’s industry offerings for infrastructure-as-a-service (laaS), platform-as-a-service 
(PaaS), and software-as-a-service (SaaS). Additionally, it includes support for both on premise and off 
premise commercial providers. 



SCCA 


On the Horizon 

• Maintain operational support of existing Non-Secure Internet Protocol Router Network (NIPRNet) Federated 
Gateway cloud access point (CAP). 

• Fiscal year 2017, quarter 2: Deploy SCCA prototype for select application testing. 

• Develop capability roadmap to define current program enhancements based on evolving DOD requirements. 

Industry Partner Engagement 

• SCCA functional requirements publication planned for January 2017. 



www.disa.mil/Computing/Cloud-Services 































